On 09 Jan 17:16, Chris Green wrote:
In the default apache2 installation on Ubuntu you get the following setting in the default virtual host:-
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
This means that CGI scripts are in the /usr hierarchy which doesn't seem very helpful. Is the the norm for apache2 or is it just Ubuntu's doing?
It's a debian thing, really...
And the main reason is because that's where packages will drop their cgi files by default.
I'm thinking I either want to point it to some suitable /home/<user> directory or possibly somewhere below /var/www, is there anything wrong with doing either of these (assuming suitable security protection of course).
Really /var/www should be taken out back and shot, it was a bodge in the first place, and has just managed to stay there. These days I tend to serve from /srv/http/<websitename>, as the /srv heirarchy is gauranteed to be in sysadmin control, and packages are not allowed to touch it (at least in theory!).
I also tend to write wrapper scripts for cgis and use apache2-suexec-custom to set the cgi root to a sensible ish place, and run the cgis as a different user to the webserver...
Cheers,